Assoc Cybersecurity Engineer

As an Associate Software Security Engineer you will be part of our Cybersecurity team to help design enhance and build our Application Security Tools and Services in addition to supporting Visa Product Development teams in writing secure code free of Application Security Vulnerabilities in an agile development environment. You will work with colleagues who will support and challenge you daily. You will work on designing secure web applications unit testing code reviews and regular checkins to continuous integration that will become part of your DNA.

Our engineers do more than just write code:

Essential Functions

• Help define consistent Secure Software Development Lifecycle practices for all Visa technology projects throughout the planning and delivery cycles that assure that application security risks are mitigate

• Ensure endtoend security of Visa products by hands on testing hypothesizing threats helping development teams remediating risks upfront and championing secure implementation efforts

• Improve secure coding practices application security requirements automation training and metrics

• Integrate threat modeling practices into the Software Development Lifecycle

• Help build secure products and standards around emerging technologies and using existing standards and security practices

• Perform Security Architecture and Low Level Application Security Design review involving: Data Protection Authentication and Authorizations Web Application Security and Network Security

• Collaborate with product development and solution teams proactively to manage software security risk aligned with business goals

• Collaborate with product and solution teams to achieve Cybersecurity software security program objectives

• Manage crossfunctional internal and external team collaboration evangelization and communications

• Develop and optimize processes to improve software development efficiency in the consumption of security development practices

• Maintain active understanding of industry practices for secure software development and incident response

This is a hybrid position. Expectation of days in office will be confirmed by your hiring manager.

Qualifications :

Basic Qualifications:
Bachelors Degree or 3 years of relevant work experience

Preferred Qualifications:
2 or more years of work experience.
You have a Bachelor degree in Computer Science or related field and 2 3 years
of Software Development Experience
12 Years of Experience in Web Application Security SSDLC and Threat
Modelling with MS/BS degree in Information System management / Computer
Science / Information Security or a related technical discipline
Hands on experience with Software Development Java C JavaScript and
HTML
MUST have deep understanding of OWASP Top 10 and CWE 25 with proven
track record and experience in implementing and integrating remediation
strategies
Excellent understanding of web applications web servers layer 7 application
technologies frameworks and protocols with respect to application
development and deployment
Well versed in web application design penetration testing application risk
assessment and risk categorization
Operational knowledge of secure software development life cycle principles
from training and requirements gathering to postimplementation operations
support
Well versed (experience preferred) with driving and implementing secure
development practices into SDLC (SSDLC) ability to successfully integrate
security into a developers world
Success in implementing effective Secure SDLC frameworks across a large
corporation.
Ability to effectively present and communicate security threats and risks to
ANY audience and impress upon them the mitigation techniques and
strategies
Candidates should be familiar with waterfall and agile development processes
and have experience integrating secure development practices into both
models.
Deep knowledge and experience in using SAST DAST and fuzz testing tools
Highly effective communicator wellhoned influencing and negotiating skills
Solid problem solving and analytical skill able to quickly digest any
issue/problem encountered and recommend an appropriate solution.
Selfmotivated able to work independently able to negotiate and bring
consensus to diverse priorities of product development and solution teams

Additional Information :

Visa is an EEO Employer. Qualified applicants will receive consideration for employment without regard to race color religion sex national origin sexual orientation gender identity disability or protected veteran status. Visa will also consider for employment qualified applicants with criminal histories in a manner consistent with EEOC guidelines and applicable local law.

Remote Work :

No

Employment Type :

Fulltime